Reddit had a security incident related to SMS 2FA, and their write-up on it is quite solid. I can actually gain trust in a company if they do an incident report well, and I think they’ve done that here. Link

BurpSuite has a new crawler, which allows for automatic session management. As a web app tester, this is fantastic news. Link

A number of sources are reporting that spam is increasing, and one often-mentioned reason is the decline of Adobe exploits. It’s an interesting lesson that economics is about changes and externalities.

CompTIA now has a new penetration testing certification, called PenTest+. Link

Marina Butina—the Russian spy working in the U.S.—evidently blew her cover by getting drunk and bragging. This is very common for Link

Venezuela’s President has survived a drone strike assassination attempt. Link

Russia sold 84% of its U.S. debt between March and May of 2018. Russia said they just wanted to get more into gold, but given the information warfare campaigns they’ve been running against us, I can’t help but jump right to a pre-attack shorting move. No hard data to back that up—just a feeling. Link

Technology News

Draw This is an instant camera that creates cartoons using machine learning. Link

T2F is text-to-face generation using deep learning. You describe a person and it gives you an image. Link

Full genome sequencing is down to around $500 now, at least for this company. I’ll probably give it some time and see how the reviews are before I try it. But I’ll do it soon. Link

Captain Picard is back in a new Star Trek series! Picard is the epitome of a true leader in my mind, and what I learned from that character continues to inform me even now. I bet he’s going to teach us this time (among other things) about the value of truth and facts in a world full of misinformation. Just a guess. Link

A Stanford study has linked depression to the lack of an over-the-counter supplement called Acetyl-L-Carnitine. Link

There’s a new, elegantly simple card game called The Mind that is attracting a cult-like following. Link

Many believe that blogs are less popular (and less read) now because of the shuttering of Google Reader, and the subsequent consolidation of content consumption on platforms like Twitter, Facebook, Reddit, and Medium. Link

I’m reading the Superforecasting book, and the high-level summary of what makes a top-tier predictor is someone who is dedicated to self-improvement. This makes sense to me because it’s consistent with someone who doesn’t cling to the past—including past opinions. When the information changes, your opinion changes with it. Link

I’ll be in Vegas this week for BlackHat / DEFCON, and you should come by the IOAsis to help us celebrate 20 years. We’re at the House of Blues on Wednesday the 8th, and we’ll have a ton of security talks, plenty of hydration and caffeine, as well as massages! And new for this year, we’ll have the EA Experience Gaming Zone, where you can play some of the newest EA games.

I’ll also be available around BH/DC to chat about my Attack Surface Monitoring service HELIOS. TL;DR: it monitors your external attack surface—both on-prem and cloud—and tells you almost instantly when something dangerous gets exposed. So if someone makes a mistake and accidentally puts a database on the internet, leaves a web admin interface out there, exposes data via S3 buckets—and dozens of other types of exposures—you’ll know immediately via API push, Splunk, Slack, etc. Reach out to me here if you want to arrange a chat.

Books I’ve read recently: Subscribed, The Accidental Universe, Venture Deals, Origin Story, The Order of Time, Factfulness. And I’m currently reading Superforecasting.

And thank you so much to those of you who sent in fiction ideas. I received almost a hundred responses on that, and they were fantastic. I now have a solid queue of fiction titles as well! The first two are going to be The Way of Kings and The Blade Itself.